Skip to content

Waazify/CyberSentinel

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
backend
backend
 
 
frontend
frontend
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 

Repository files navigation

Video Demonstration of working application

Deployed Application

CyberSentinel

An AI-powered cybersecurity analyst agent built for Security Operations Centre (SOC) workflows. Ask about CVEs, paste raw log lines for threat analysis, check domain security posture, or query the built-in knowledge base covering OWASP Top 10, NIST CSF, incident response, cloud security, ransomware, phishing, and zero trust.

Stack: NestJS · LangGraph ReAct agent · Groq LLM · Neon PostgreSQL + pgvector · Next.js 14

CyberSec_Agent/
├── backend/          # NestJS API — agent, RAG, auth, chat sessions
│   ├── data/         # Markdown knowledge base files
│   └── scripts/      # ingest.ts — embeds knowledge base into Neon
└── frontend/         # Next.js 14 chat UI

Prerequisites

  • Node.js 18 or later
  • Yarn 1.x (npm install -g yarn)
  • A Groq account (free tier works)
  • A Neon account (free tier works)

1 — Get a Groq API Key

  1. Sign in at console.groq.com
  2. Go to API KeysCreate API Key
  3. Copy the key — you will need it in step 3

The agent uses llama-3.3-70b-versatile by default. Other supported models: llama-3.1-8b-instant, mixtral-8x7b-32768.

2 — Set Up a Neon Database

  1. Sign in at neon.tech and create a new project
  2. In the project dashboard, open Connection Details
  3. Copy the Connection string — it looks like: 
    postgresql://user:password@ep-xxx.us-east-2.aws.neon.tech/neondb?sslmode=require
  4. The pgvector extension is enabled automatically by the ingest script

3 — Configure the Backend

cd backend
cp .env.example .env

Open .env and fill in the two required values:

# Required
GROQ_API_KEY=gsk_...your-key-here...
DATABASE_URL=postgresql://user:password@ep-xxx.aws.neon.tech/neondb?sslmode=require

# Optional — override defaults
GROQ_MODEL=llama-3.3-70b-versatile
PORT=8000
CORS_ORIGINS=http://localhost:3000
RAG_TOP_K=3
DATA_DIR=./data

4 — Configure the Frontend

cd frontend
cp .env.local.example .env.local

The default value works for local development — only change it if the backend runs on a different host or port:

NEXT_PUBLIC_API_URL=http://localhost:8000

5 — Install Dependencies

Run both from the repo root:

cd backend && yarn install
cd ../frontend && yarn install

6 — Ingest the Knowledge Base

This step embeds the markdown files in backend/data/ into Neon using a local model (Xenova/bge-small-en-v1.5, ~45 MB, downloaded on first run). It also runs the database migrations.

cd backend
yarn ingest

Expected output:

CyberSentinel — Knowledge Base Ingestion
==================================================
Migrations applied.
Loading embedding model...
Model ready.
Generating embeddings for N chunks...
Success! Ingested N chunks into Neon.

Re-run this command any time you add or edit files in backend/data/.

7 — Start the Application

Open two terminals:

Backend (port 8000):

cd backend
yarn start:dev

Frontend (port 3000):

cd frontend
yarn start:dev

Open http://localhost:3000 in your browser.

Agent Capabilities

Tool Trigger
CVE Lookup Mention any CVE ID (e.g. CVE-2021-44228)
Log Threat Analysis Paste a raw log line
Security Posture Mention a domain in a security context
Knowledge Base RAG Any question — OWASP, NIST, ransomware, phishing, zero trust, cloud security, incident response

Production Build

# Backend
cd backend && yarn build && yarn start

# Frontend
cd frontend && yarn build && yarn start

Set CORS_ORIGINS in the backend .env to your frontend's production URL before deploying.

About

No description, website, or topics provided.

Resources

Readme
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages